<?php 
/****

	If you want the best of the world,
give the world your best anytime！
            				——不二
                							
****/

//权限类
class PrivilegeAction extends Action {

	//登录
	public function login(){
		$this->display('login.html');
	}

	//验证登录
	public function checks(){
		$username = isset($_POST['username']) ? $_POST['username'] : '';
		$password = isset($_POST['password']) ? $_POST['password'] : '';
		$captcha = isset($_POST['captcha']) ? strtolower($_POST['captcha']) : '';

		//合法性验证
		if (empty($captcha)) {
			$this->failure('验证码不能为空');
			//echo "string";
		}
		if(empty($username)|| empty($password)){
			$this->failure('用户名和密码都不能为空');
		}
		//有效性
		if(!Captcha::checkCaptcha($captcha)){
			$this->failure('验证码错误');
		}
		//验证用户信息
		if($username===$GLOBALS['config']['username'] && $password===$GLOBALS['config']['password']){
			//success
			//设置session
			$_SESSION['username'] = md5($username);
			$_SESSION['password'] = md5($password);
			$this->success('登录成功','index.php?group=admin&module=category&action=index');
		}else{
			//fail
			$this->failure('用户名或密码错误');
		}
	}

	//验证码
	public function captcha(){
		Captcha::yanZhengMa(5);
	}
}

